﻿<?php require_once('../Connections/STN.php'); ?>
<?php
if (!isset($_SESSION)) {
  session_start();
}
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";

// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { 
  // For security, start by assuming the visitor is NOT authorized. 
  $isValid = False; 

  // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. 
  // Therefore, we know that a user is NOT logged in if that Session variable is blank. 
  if (!empty($UserName)) { 
    // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. 
    // Parse the strings into arrays. 
    $arrUsers = Explode(",", $strUsers); 
    $arrGroups = Explode(",", $strGroups); 
    if (in_array($UserName, $arrUsers)) { 
      $isValid = true; 
    } 
    // Or, you may restrict access to only certain users based on their username. 
    if (in_array($UserGroup, $arrGroups)) { 
      $isValid = true; 
    } 
    if (($strUsers == "") && true) { 
      $isValid = true; 
    } 
  } 
  return $isValid; 
}

$MM_restrictGoTo = "login.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {   
  $MM_qsChar = "?";
  $MM_referrer = $_SERVER['PHP_SELF'];
  if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
  if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0) 
  $MM_referrer .= "?" . $_SERVER['QUERY_STRING'];
  $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
  header("Location: ". $MM_restrictGoTo); 
  exit;
}
?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

if(isset($_GET['filtro'])){
//filtro
$codigopostagem=$_GET['filtro'];
mysql_select_db($database_STN, $STN);
$query_RSpostagem = "SELECT pos.POS_CODIGO, pos.POS_TITULO, pos.POS_DATA, pos.POS_PUBLICA,usu.USU_NOME FROM tb_postagens pos JOIN tb_usuarios usu ON(usu.USU_CODIGO=pos.POS_USU_CODIGO)  WHERE pos.POS_PER_CODIGO='$codigopostagem' ORDER BY pos.POS_CODIGO DESC ";
$RSpostagem = mysql_query($query_RSpostagem, $STN) or die(mysql_error());
$row_RSpostagem = mysql_fetch_assoc($RSpostagem);
$totalRows_RSpostagem = mysql_num_rows($RSpostagem);
}
if(isset($_GET['public'])){
//publicada
$publica=$_GET['public'];
mysql_select_db($database_STN, $STN);
$query_RSpostagem = "SELECT pos.POS_CODIGO, pos.POS_TITULO, pos.POS_DATA, pos.POS_PUBLICA,usu.USU_NOME FROM tb_postagens pos JOIN tb_usuarios usu ON(usu.USU_CODIGO=pos.POS_USU_CODIGO)  WHERE pos.POS_PUBLICA=$publica ORDER BY pos.POS_CODIGO DESC;";
$RSpostagem = mysql_query($query_RSpostagem, $STN) or die(mysql_error());
$row_RSpostagem = mysql_fetch_assoc($RSpostagem);
$totalRows_RSpostagem = mysql_num_rows($RSpostagem);
}
if(!isset($_GET['public']) and !isset($_GET['filtro'])){
//postagem
mysql_select_db($database_STN, $STN);
$query_RSpostagem = "SELECT pos.POS_CODIGO, pos.POS_TITULO, pos.POS_DATA, pos.POS_PUBLICA,usu.USU_NOME FROM tb_postagens pos JOIN tb_usuarios usu ON(usu.USU_CODIGO=pos.POS_USU_CODIGO) ORDER BY pos.POS_CODIGO DESC;";
$RSpostagem = mysql_query($query_RSpostagem, $STN) or die(mysql_error());
$row_RSpostagem = mysql_fetch_assoc($RSpostagem);
$totalRows_RSpostagem = mysql_num_rows($RSpostagem);
}
//classificação
mysql_select_db($database_STN, $STN);
$query_RSper_cat = "SELECT per.PER_CODIGO, cat.CAT_NOME, per.PER_NOME  FROM tb_categorias cat JOIN tb_periodos per ON(per.PER_CAT_CODIGO=cat.CAT_CODIGO);";
$RSper_cat = mysql_query($query_RSper_cat, $STN) or die(mysql_error());
$row_RSper_cat = mysql_fetch_assoc($RSper_cat);
$totalRows_RSper_cat = mysql_num_rows($RSper_cat);



//converte data do banco para br  
function bancobr($databanco){
		$ano = substr($databanco, 0, 4);
		$mes = substr($databanco, 5, 2);
		$dia = substr($databanco, 8, 2);
		$hora = substr($databanco,11, 5);
		$databr = $hora. " - ". $dia . "/" . $mes . "/" . $ano;
		return $databr;
	}

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
    <link  href="css/admin.css" rel="stylesheet" type="text/css" />
<title>Adiministrador</title>
</head>
<body>
 <div id="main">
<div id="header">
            <a href="#" class="logo"><img src="img/logo.gif" width="101" height="29" alt="" /></a>
            <ul id="top-navigation">
                <li><a href="index.php">INDEX</a></li>
                 <li><a href="postagem-lista.php"class="active">POSTAGENS</a></li>
                <li><a href="arquivos-lista.php">ARQUIVOS</a></li>
                <li><a href="album-lista.php">FOTOS ANTIGAS</a></li>
                <li><a href="videos-lista.php">VIDEOS</a></li>
            </ul>
			<div class="logout">
        	<a href="logout.php"><img src="img/logout.png" /></a>
            </div>
        </div>
        <div id="middle">
<div id="left-column">
                <h3>AULAS</h3>
                <ul class="nav">
                	
                    <?php do { ?>
                    <li><a href="?filtro=<?php echo $row_RSper_cat['PER_CODIGO'] ?>"><?php echo $row_RSper_cat['CAT_NOME'] ."<br />  ". $row_RSper_cat['PER_NOME'] ?></a></li>
                 	<?php } while ($row_RSper_cat = mysql_fetch_assoc($RSper_cat)); ?>
				</ul>
                <a href="?public=2" class="link">POSTAGEM PUBLICADAS</a>
                <a href="?public=1" class="link">POSTAGEM ESCONDIDA</a>
            </div>
            <div id="center-column">
                <div class="top-bar">
                  <a href="postagem-cadastra.php" class="button">CADASTRA POSTAGEM</a>
                    <h1>ÚLTIMAS POSTAGEM</h1>
                    
                </div>
               
<div class="table">
                    <table class="listing" cellpadding="0" cellspacing="0">
                        <tr>
                            <th>Título</th>
                            <th>Data da úlima alteração</th>
                            <th>Quem cadastrou</th>
                            <th>Editar</th>
                            <th>Apagar</th>
                            <th>Publicado</th>
                        </tr>
                        <?php do { ?>
  <tr>
    <td class="style1">- <?php echo $row_RSpostagem['POS_TITULO'] ?> </td>
    <td><?php echo bancobr($row_RSpostagem['POS_DATA']) ?></td>
    <td><?php echo $row_RSpostagem['USU_NOME'] ?>
    </td>
    <td><a href="postagem-altera.php?postagem=<?php echo $row_RSpostagem['POS_CODIGO'] ?>">
    	<img src="img/edit-icon.gif" width="16" height="16" title="Clique para altera"/>
        </a></td>
    <td><a href="postagem-apaga.php?postagem=<?php echo $row_RSpostagem['POS_CODIGO'] ?>"><img src="img/hr.gif" width="16" height="16" alt="save" /></a></td> 
    <td>
    <a href="publicacao-altera.php?publica=<?php echo $row_RSpostagem['POS_CODIGO'] ?>">
    <img src="img/<?php if ($row_RSpostagem['POS_PUBLICA']==2) echo "publica2.png";	else echo "publica1.png" ?>" width="16" height="16" alt="add" title="<?php if ($row_RSpostagem['POS_PUBLICA']==2) echo "Clique para esconder";	else echo "Clique para publica" ?> "/>
    </a>
    </td>
  </tr>
  
  
  <?php } while ($row_RSpostagem = mysql_fetch_assoc($RSpostagem)); ?>
                    </table>
                    <div class="select">
                        <strong>Other Pages: </strong>
                        <select>
                            <option>1</option>
                        </select>
                    </div>
                </div>

            </div>
            <div id="right-column">
                <strong class="h">SUPORTE</strong>
                <div class="box">O suporte tecnico funciona de segunda a sexta no horario de 9:30h as 18h pelo telefone:  (84)8759-6187 / (84)9675-2663 robertojuniorluiz16 @gmail.com</div>
<!--fim do conteudo-->
            </div>
        </div>
        <div id="footer"><p>&copy;COPYRIGHT <a href="http://twitter.com/jrnescau" target="_blank">Nescau</a> e <a href="http://twitter.com/JessuirCleydson" target="_blank">Jessuir</a> 2012. </p></div>
</div>
</body>
</html>
<?php
mysql_free_result($RSper_cat);

mysql_free_result($RSpostagem);

?>
